Table of Contents
Chapter 9
Configuring IEEE 802.1x Port-Based Authentication
Table 9-4
Feature
Maximum retransmission number
Client timeout period
Authentication server timeout period
Guest VLAN
Inaccessible authentication bypass
Restricted VLAN
Authenticator (switch) mode
MAC authentication bypass
802.1x Authentication Configuration Guidelines
This section has configuration guidelines for these features:
•
•
•
•
802.1x Authentication
These are the 802.1x authentication configuration guidelines:
•
•
•
OL-13270-06
Default 802.1x Authentication Configuration (continued)
802.1x Authentication, page 9-35
VLAN Assignment, Guest VLAN, Restricted VLAN, and Inaccessible Authentication Bypass,
page 9-36
MAC Authentication Bypass, page 9-37
Maximum Number of Allowed Devices Per Port, page 9-37
When 802.1x authentication is enabled, ports are authenticated before any other Layer 2 or Layer 3
features are enabled.
If the VLAN to which an 802.1x-enabled port is assigned changes, this change is transparent and
does not affect the switch. For example, this change occurs if a port is assigned to a RADIUS
server-assigned VLAN and is then assigned to a different VLAN after re-authentication.
If the VLAN to which an 802.1x port is assigned to shut down, disabled, or removed, the port
becomes unauthorized. For example, the port is unauthorized after the access VLAN to which a port
is assigned shuts down or is removed.
The 802.1x protocol is supported on Layer 2 static-access ports, voice VLAN ports, and Layer 3
routed ports, but it is not supported on these port types:
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Software Configuration Guide
Default Setting
2 times (number of times that the switch will send an
EAP-request/identity frame before restarting the
authentication process).
30 seconds (when relaying a request from the
authentication server to the client, the amount of time the
switch waits for a response before resending the request
to the client.)
30 seconds (when relaying a response from the client to
the authentication server, the amount of time the switch
waits for a reply before resending the response to the
server. This setting is not configurable.)
None specified.
Disabled.
None specified.
None specified.
Disabled.
Configuring 802.1x Authentication
9-35
Hide quick links:
Chapters
Table of Contents
Troubleshooting
